Gateway Future Improvements

Post-MVP features and enhancements for Ryu Gateway. These are not blockers for launch, but represent the next wave of capabilities that deepen the moat, unlock enterprise deals, and expand the platform.

🔐 Auth & Key Management

Two sides of the same coin: users authenticate to the gateway, and the gateway manages keys for them.

User-Level API Keys

Issue, rotate, and revoke API keys per user/team/project with scoped permissions
Short-lived JWT session tokens with auto-expiry instead of long-lived keys
Key scoping: a key can be restricted to specific models, tools, agents, or budgets
SSO / SAML / OIDC for enterprise identity provider integration
RBAC: fine-grained role-based access (admin, team lead, developer, viewer)

Managed Service Keys

The gateway stores and injects API keys for external services (OpenAI, Anthropic, GitHub, Slack, etc.) so individual users never touch raw credentials
Central key vault: IT rotates a key once, every agent picks it up immediately
Per-service scoping: "Backend team can use the GitHub token, frontend team cannot"
Audit trail: which key was used, by whom, when, for what
Auto-rotation policies: rotate keys on a schedule or on suspected compromise
MCP server auth: gateway injects the right credentials when an agent calls an MCP tool, the agent never sees the token

struct KeyVault {
    user_keys: HashMap<UserId, Vec<ApiKey>>,       // keys TO the gateway
    service_keys: HashMap<ServiceId, ServiceKey>,   // keys FOR external services
    rotation_policies: Vec<RotationPolicy>,
    injection_rules: Vec<InjectionRule>,            // which key goes to which MCP/service
}

struct ApiKey {
    id: KeyId,
    scope: KeyScope,                               // models, tools, agents, budget
    expires_at: Option<DateTime>,
    created_by: UserId,
    last_used: Option<DateTime>,
}

struct ServiceKey {
    service: ServiceId,                            // openai, anthropic, github, etc.
    encrypted_key: EncryptedString,
    scoped_to: Vec<Scope>,                         // org/team/project
    auto_rotate: Option<RotationPolicy>,
}

🧠 Context & Memory Layer

Make the gateway context-aware, not just a dumb proxy.